./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product35.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 6c24879c Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product35.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 45ba8c3ee5105630bc9146965d68439e6204903aca4c5a31cd4f017e456c8589 --- Real Ultimate output --- This is Ultimate 0.2.2-?-6c24879 [2022-07-12 06:20:46,191 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-12 06:20:46,192 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-12 06:20:46,239 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-12 06:20:46,239 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-12 06:20:46,241 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-12 06:20:46,243 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-12 06:20:46,248 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-12 06:20:46,250 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-12 06:20:46,256 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-12 06:20:46,256 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-12 06:20:46,258 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-12 06:20:46,258 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-12 06:20:46,260 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-12 06:20:46,262 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-12 06:20:46,265 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-12 06:20:46,266 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-12 06:20:46,267 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-12 06:20:46,269 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-12 06:20:46,271 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-12 06:20:46,275 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-12 06:20:46,280 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-12 06:20:46,280 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-12 06:20:46,281 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-12 06:20:46,283 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-12 06:20:46,287 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-12 06:20:46,288 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-12 06:20:46,288 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-12 06:20:46,289 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-12 06:20:46,289 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-12 06:20:46,290 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-12 06:20:46,291 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-12 06:20:46,292 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-12 06:20:46,293 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-12 06:20:46,293 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-12 06:20:46,294 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-12 06:20:46,294 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-12 06:20:46,295 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-12 06:20:46,295 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-12 06:20:46,295 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-12 06:20:46,296 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-12 06:20:46,298 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-12 06:20:46,299 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-12 06:20:46,331 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-12 06:20:46,332 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-12 06:20:46,332 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-12 06:20:46,333 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-12 06:20:46,333 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-12 06:20:46,333 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-12 06:20:46,334 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-12 06:20:46,334 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-12 06:20:46,334 INFO L138 SettingsManager]: * Use SBE=true [2022-07-12 06:20:46,338 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-12 06:20:46,339 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-12 06:20:46,339 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-12 06:20:46,339 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-12 06:20:46,339 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-12 06:20:46,339 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-12 06:20:46,339 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-12 06:20:46,340 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-12 06:20:46,340 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-12 06:20:46,340 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-12 06:20:46,340 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-12 06:20:46,340 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-12 06:20:46,341 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-12 06:20:46,341 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-12 06:20:46,341 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-12 06:20:46,341 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-12 06:20:46,341 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-12 06:20:46,342 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-12 06:20:46,342 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-12 06:20:46,342 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-12 06:20:46,342 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-12 06:20:46,343 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-12 06:20:46,343 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-12 06:20:46,343 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-12 06:20:46,343 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 45ba8c3ee5105630bc9146965d68439e6204903aca4c5a31cd4f017e456c8589 [2022-07-12 06:20:46,548 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-12 06:20:46,573 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-12 06:20:46,575 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-12 06:20:46,576 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-12 06:20:46,577 INFO L275 PluginConnector]: CDTParser initialized [2022-07-12 06:20:46,578 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product35.cil.c [2022-07-12 06:20:46,656 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/507fbe031/a0917dfa203d4093b65f0d47a6d215dc/FLAG088f2c894 [2022-07-12 06:20:47,106 INFO L306 CDTParser]: Found 1 translation units. [2022-07-12 06:20:47,107 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product35.cil.c [2022-07-12 06:20:47,128 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/507fbe031/a0917dfa203d4093b65f0d47a6d215dc/FLAG088f2c894 [2022-07-12 06:20:47,478 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/507fbe031/a0917dfa203d4093b65f0d47a6d215dc [2022-07-12 06:20:47,480 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-12 06:20:47,481 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-12 06:20:47,482 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-12 06:20:47,482 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-12 06:20:47,485 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-12 06:20:47,486 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.07 06:20:47" (1/1) ... [2022-07-12 06:20:47,487 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5438d0 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47, skipping insertion in model container [2022-07-12 06:20:47,487 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.07 06:20:47" (1/1) ... [2022-07-12 06:20:47,493 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-12 06:20:47,539 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-12 06:20:47,720 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product35.cil.c[1605,1618] [2022-07-12 06:20:47,874 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-12 06:20:47,887 INFO L203 MainTranslator]: Completed pre-run [2022-07-12 06:20:47,902 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product35.cil.c[1605,1618] [2022-07-12 06:20:47,971 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-12 06:20:47,992 INFO L208 MainTranslator]: Completed translation [2022-07-12 06:20:47,993 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47 WrapperNode [2022-07-12 06:20:47,994 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-12 06:20:47,995 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-12 06:20:47,995 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-12 06:20:47,995 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-12 06:20:48,002 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47" (1/1) ... [2022-07-12 06:20:48,032 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47" (1/1) ... [2022-07-12 06:20:48,069 INFO L137 Inliner]: procedures = 55, calls = 154, calls flagged for inlining = 24, calls inlined = 20, statements flattened = 235 [2022-07-12 06:20:48,070 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-12 06:20:48,072 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-12 06:20:48,072 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-12 06:20:48,072 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-12 06:20:48,079 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47" (1/1) ... [2022-07-12 06:20:48,079 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47" (1/1) ... [2022-07-12 06:20:48,086 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47" (1/1) ... [2022-07-12 06:20:48,086 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47" (1/1) ... [2022-07-12 06:20:48,101 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47" (1/1) ... [2022-07-12 06:20:48,118 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47" (1/1) ... [2022-07-12 06:20:48,121 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47" (1/1) ... [2022-07-12 06:20:48,130 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-12 06:20:48,132 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-12 06:20:48,132 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-12 06:20:48,132 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-12 06:20:48,133 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47" (1/1) ... [2022-07-12 06:20:48,144 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-12 06:20:48,162 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-12 06:20:48,213 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-12 06:20:48,276 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-12 06:20:48,336 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-12 06:20:48,336 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-12 06:20:48,336 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-12 06:20:48,336 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-12 06:20:48,337 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-12 06:20:48,337 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-12 06:20:48,337 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-12 06:20:48,337 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-12 06:20:48,337 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-12 06:20:48,337 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-07-12 06:20:48,338 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-07-12 06:20:48,338 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-12 06:20:48,338 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-12 06:20:48,338 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-12 06:20:48,338 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-12 06:20:48,339 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-12 06:20:48,432 INFO L234 CfgBuilder]: Building ICFG [2022-07-12 06:20:48,436 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-12 06:20:48,905 INFO L275 CfgBuilder]: Performing block encoding [2022-07-12 06:20:48,911 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-12 06:20:48,917 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-12 06:20:48,921 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.07 06:20:48 BoogieIcfgContainer [2022-07-12 06:20:48,921 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-12 06:20:48,923 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-12 06:20:48,923 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-12 06:20:48,941 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-12 06:20:48,942 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 12.07 06:20:47" (1/3) ... [2022-07-12 06:20:48,942 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4588231c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.07 06:20:48, skipping insertion in model container [2022-07-12 06:20:48,943 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:20:47" (2/3) ... [2022-07-12 06:20:48,943 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4588231c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.07 06:20:48, skipping insertion in model container [2022-07-12 06:20:48,943 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.07 06:20:48" (3/3) ... [2022-07-12 06:20:48,944 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product35.cil.c [2022-07-12 06:20:48,956 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-12 06:20:48,966 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-12 06:20:49,038 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-12 06:20:49,061 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@330ca2e9, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@61ecd815 [2022-07-12 06:20:49,061 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-12 06:20:49,065 INFO L276 IsEmpty]: Start isEmpty. Operand has 84 states, 66 states have (on average 1.378787878787879) internal successors, (91), 72 states have internal predecessors, (91), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-07-12 06:20:49,088 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-07-12 06:20:49,091 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:20:49,092 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:20:49,093 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:20:49,097 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:20:49,111 INFO L85 PathProgramCache]: Analyzing trace with hash -569276447, now seen corresponding path program 1 times [2022-07-12 06:20:49,119 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:20:49,120 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [242064190] [2022-07-12 06:20:49,120 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:20:49,121 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:20:49,294 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:49,384 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-07-12 06:20:49,391 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:49,400 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-07-12 06:20:49,406 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:49,412 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-12 06:20:49,413 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:20:49,414 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [242064190] [2022-07-12 06:20:49,414 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [242064190] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:20:49,415 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:20:49,415 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-12 06:20:49,416 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [434078206] [2022-07-12 06:20:49,417 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:20:49,421 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-12 06:20:49,422 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:20:49,466 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-12 06:20:49,467 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-12 06:20:49,470 INFO L87 Difference]: Start difference. First operand has 84 states, 66 states have (on average 1.378787878787879) internal successors, (91), 72 states have internal predecessors, (91), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-12 06:20:49,513 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:20:49,513 INFO L93 Difference]: Finished difference Result 159 states and 216 transitions. [2022-07-12 06:20:49,514 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-12 06:20:49,516 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-07-12 06:20:49,516 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:20:49,525 INFO L225 Difference]: With dead ends: 159 [2022-07-12 06:20:49,525 INFO L226 Difference]: Without dead ends: 75 [2022-07-12 06:20:49,529 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-12 06:20:49,532 INFO L413 NwaCegarLoop]: 105 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 105 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-12 06:20:49,533 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 105 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-12 06:20:49,546 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-07-12 06:20:49,571 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-07-12 06:20:49,573 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 59 states have (on average 1.305084745762712) internal successors, (77), 64 states have internal predecessors, (77), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-07-12 06:20:49,576 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 96 transitions. [2022-07-12 06:20:49,577 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 96 transitions. Word has length 32 [2022-07-12 06:20:49,578 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:20:49,578 INFO L495 AbstractCegarLoop]: Abstraction has 75 states and 96 transitions. [2022-07-12 06:20:49,579 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-12 06:20:49,579 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 96 transitions. [2022-07-12 06:20:49,583 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-07-12 06:20:49,583 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:20:49,584 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:20:49,584 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-12 06:20:49,585 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:20:49,587 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:20:49,587 INFO L85 PathProgramCache]: Analyzing trace with hash -292889895, now seen corresponding path program 1 times [2022-07-12 06:20:49,587 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:20:49,588 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1770027507] [2022-07-12 06:20:49,588 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:20:49,589 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:20:49,624 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:49,672 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-07-12 06:20:49,675 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:49,679 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-07-12 06:20:49,681 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:49,693 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-12 06:20:49,694 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:20:49,695 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1770027507] [2022-07-12 06:20:49,695 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1770027507] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:20:49,696 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:20:49,696 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-12 06:20:49,696 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [832269641] [2022-07-12 06:20:49,696 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:20:49,698 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-12 06:20:49,699 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:20:49,699 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-12 06:20:49,700 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-12 06:20:49,700 INFO L87 Difference]: Start difference. First operand 75 states and 96 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-12 06:20:49,719 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:20:49,721 INFO L93 Difference]: Finished difference Result 111 states and 142 transitions. [2022-07-12 06:20:49,723 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-12 06:20:49,724 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-07-12 06:20:49,724 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:20:49,726 INFO L225 Difference]: With dead ends: 111 [2022-07-12 06:20:49,726 INFO L226 Difference]: Without dead ends: 66 [2022-07-12 06:20:49,731 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-12 06:20:49,733 INFO L413 NwaCegarLoop]: 83 mSDtfsCounter, 17 mSDsluCounter, 62 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 145 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-12 06:20:49,733 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 145 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-12 06:20:49,736 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 66 states. [2022-07-12 06:20:49,743 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 66 to 66. [2022-07-12 06:20:49,745 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 53 states have (on average 1.320754716981132) internal successors, (70), 58 states have internal predecessors, (70), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-07-12 06:20:49,746 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 84 transitions. [2022-07-12 06:20:49,746 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 84 transitions. Word has length 33 [2022-07-12 06:20:49,747 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:20:49,748 INFO L495 AbstractCegarLoop]: Abstraction has 66 states and 84 transitions. [2022-07-12 06:20:49,748 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-12 06:20:49,748 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 84 transitions. [2022-07-12 06:20:49,752 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-07-12 06:20:49,752 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:20:49,752 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:20:49,753 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-12 06:20:49,753 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:20:49,753 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:20:49,754 INFO L85 PathProgramCache]: Analyzing trace with hash 2081952552, now seen corresponding path program 1 times [2022-07-12 06:20:49,754 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:20:49,754 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1300830011] [2022-07-12 06:20:49,754 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:20:49,754 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:20:49,800 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:49,860 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-07-12 06:20:49,862 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:49,877 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2022-07-12 06:20:49,881 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:49,883 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-12 06:20:49,884 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:20:49,884 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1300830011] [2022-07-12 06:20:49,884 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1300830011] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:20:49,884 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:20:49,885 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-12 06:20:49,885 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [717261187] [2022-07-12 06:20:49,885 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:20:49,886 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-12 06:20:49,886 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:20:49,887 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-12 06:20:49,888 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-07-12 06:20:49,888 INFO L87 Difference]: Start difference. First operand 66 states and 84 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-12 06:20:50,159 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:20:50,161 INFO L93 Difference]: Finished difference Result 225 states and 295 transitions. [2022-07-12 06:20:50,162 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-12 06:20:50,162 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2022-07-12 06:20:50,163 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:20:50,164 INFO L225 Difference]: With dead ends: 225 [2022-07-12 06:20:50,171 INFO L226 Difference]: Without dead ends: 167 [2022-07-12 06:20:50,172 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-07-12 06:20:50,175 INFO L413 NwaCegarLoop]: 104 mSDtfsCounter, 218 mSDsluCounter, 303 mSDsCounter, 0 mSdLazyCounter, 72 mSolverCounterSat, 23 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 218 SdHoareTripleChecker+Valid, 407 SdHoareTripleChecker+Invalid, 95 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 23 IncrementalHoareTripleChecker+Valid, 72 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-07-12 06:20:50,175 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [218 Valid, 407 Invalid, 95 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [23 Valid, 72 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-07-12 06:20:50,176 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 167 states. [2022-07-12 06:20:50,224 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 167 to 157. [2022-07-12 06:20:50,225 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 157 states, 123 states have (on average 1.3495934959349594) internal successors, (166), 134 states have internal predecessors, (166), 19 states have call successors, (19), 14 states have call predecessors, (19), 14 states have return successors, (20), 17 states have call predecessors, (20), 19 states have call successors, (20) [2022-07-12 06:20:50,226 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 157 states to 157 states and 205 transitions. [2022-07-12 06:20:50,226 INFO L78 Accepts]: Start accepts. Automaton has 157 states and 205 transitions. Word has length 37 [2022-07-12 06:20:50,226 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:20:50,226 INFO L495 AbstractCegarLoop]: Abstraction has 157 states and 205 transitions. [2022-07-12 06:20:50,226 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-12 06:20:50,227 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 205 transitions. [2022-07-12 06:20:50,236 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2022-07-12 06:20:50,236 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:20:50,236 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:20:50,236 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-12 06:20:50,237 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:20:50,237 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:20:50,237 INFO L85 PathProgramCache]: Analyzing trace with hash -1830972643, now seen corresponding path program 1 times [2022-07-12 06:20:50,237 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:20:50,237 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [934339687] [2022-07-12 06:20:50,238 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:20:50,238 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:20:50,289 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:50,413 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-07-12 06:20:50,415 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:50,417 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2022-07-12 06:20:50,418 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:50,434 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-12 06:20:50,435 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:20:50,435 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [934339687] [2022-07-12 06:20:50,435 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [934339687] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:20:50,435 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:20:50,435 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-12 06:20:50,436 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [467002022] [2022-07-12 06:20:50,436 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:20:50,436 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-12 06:20:50,436 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:20:50,437 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-12 06:20:50,437 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-07-12 06:20:50,438 INFO L87 Difference]: Start difference. First operand 157 states and 205 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-12 06:20:50,578 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:20:50,579 INFO L93 Difference]: Finished difference Result 399 states and 531 transitions. [2022-07-12 06:20:50,579 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-07-12 06:20:50,580 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2022-07-12 06:20:50,580 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:20:50,597 INFO L225 Difference]: With dead ends: 399 [2022-07-12 06:20:50,597 INFO L226 Difference]: Without dead ends: 250 [2022-07-12 06:20:50,604 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-07-12 06:20:50,605 INFO L413 NwaCegarLoop]: 95 mSDtfsCounter, 41 mSDsluCounter, 307 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 402 SdHoareTripleChecker+Invalid, 64 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-12 06:20:50,605 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [42 Valid, 402 Invalid, 64 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 55 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-12 06:20:50,606 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 250 states. [2022-07-12 06:20:50,651 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 250 to 235. [2022-07-12 06:20:50,656 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 235 states, 181 states have (on average 1.292817679558011) internal successors, (234), 194 states have internal predecessors, (234), 29 states have call successors, (29), 24 states have call predecessors, (29), 24 states have return successors, (35), 29 states have call predecessors, (35), 29 states have call successors, (35) [2022-07-12 06:20:50,657 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 235 states to 235 states and 298 transitions. [2022-07-12 06:20:50,657 INFO L78 Accepts]: Start accepts. Automaton has 235 states and 298 transitions. Word has length 41 [2022-07-12 06:20:50,658 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:20:50,658 INFO L495 AbstractCegarLoop]: Abstraction has 235 states and 298 transitions. [2022-07-12 06:20:50,658 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-12 06:20:50,658 INFO L276 IsEmpty]: Start isEmpty. Operand 235 states and 298 transitions. [2022-07-12 06:20:50,663 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2022-07-12 06:20:50,664 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:20:50,664 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:20:50,664 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-12 06:20:50,664 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:20:50,665 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:20:50,665 INFO L85 PathProgramCache]: Analyzing trace with hash 1378984981, now seen corresponding path program 1 times [2022-07-12 06:20:50,665 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:20:50,665 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1391138820] [2022-07-12 06:20:50,666 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:20:50,666 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:20:50,701 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:50,760 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-07-12 06:20:50,762 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:50,766 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2022-07-12 06:20:50,766 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:50,769 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-12 06:20:50,769 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:20:50,769 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1391138820] [2022-07-12 06:20:50,769 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1391138820] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:20:50,769 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:20:50,769 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-12 06:20:50,770 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1319998071] [2022-07-12 06:20:50,770 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:20:50,773 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-07-12 06:20:50,773 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:20:50,774 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-07-12 06:20:50,774 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-07-12 06:20:50,774 INFO L87 Difference]: Start difference. First operand 235 states and 298 transitions. Second operand has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-12 06:20:50,817 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:20:50,817 INFO L93 Difference]: Finished difference Result 490 states and 632 transitions. [2022-07-12 06:20:50,818 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-12 06:20:50,818 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2022-07-12 06:20:50,819 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:20:50,828 INFO L225 Difference]: With dead ends: 490 [2022-07-12 06:20:50,828 INFO L226 Difference]: Without dead ends: 263 [2022-07-12 06:20:50,829 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-07-12 06:20:50,829 INFO L413 NwaCegarLoop]: 95 mSDtfsCounter, 42 mSDsluCounter, 265 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 44 SdHoareTripleChecker+Valid, 360 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-12 06:20:50,830 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [44 Valid, 360 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-12 06:20:50,830 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 263 states. [2022-07-12 06:20:50,861 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 263 to 241. [2022-07-12 06:20:50,862 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 241 states, 187 states have (on average 1.2834224598930482) internal successors, (240), 200 states have internal predecessors, (240), 29 states have call successors, (29), 24 states have call predecessors, (29), 24 states have return successors, (35), 29 states have call predecessors, (35), 29 states have call successors, (35) [2022-07-12 06:20:50,864 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 241 states to 241 states and 304 transitions. [2022-07-12 06:20:50,864 INFO L78 Accepts]: Start accepts. Automaton has 241 states and 304 transitions. Word has length 46 [2022-07-12 06:20:50,865 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:20:50,865 INFO L495 AbstractCegarLoop]: Abstraction has 241 states and 304 transitions. [2022-07-12 06:20:50,865 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-12 06:20:50,865 INFO L276 IsEmpty]: Start isEmpty. Operand 241 states and 304 transitions. [2022-07-12 06:20:50,866 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2022-07-12 06:20:50,866 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:20:50,866 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:20:50,866 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-12 06:20:50,867 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:20:50,871 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:20:50,871 INFO L85 PathProgramCache]: Analyzing trace with hash -209362921, now seen corresponding path program 1 times [2022-07-12 06:20:50,872 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:20:50,872 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [579780817] [2022-07-12 06:20:50,872 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:20:50,872 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:20:50,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:51,134 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-07-12 06:20:51,135 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:51,136 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2022-07-12 06:20:51,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:51,137 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-12 06:20:51,137 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:20:51,138 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [579780817] [2022-07-12 06:20:51,138 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [579780817] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:20:51,138 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:20:51,138 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-07-12 06:20:51,138 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [975844191] [2022-07-12 06:20:51,138 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:20:51,138 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-07-12 06:20:51,138 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:20:51,139 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-07-12 06:20:51,139 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-07-12 06:20:51,141 INFO L87 Difference]: Start difference. First operand 241 states and 304 transitions. Second operand has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-12 06:20:51,202 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:20:51,202 INFO L93 Difference]: Finished difference Result 506 states and 653 transitions. [2022-07-12 06:20:51,203 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-07-12 06:20:51,203 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2022-07-12 06:20:51,204 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:20:51,214 INFO L225 Difference]: With dead ends: 506 [2022-07-12 06:20:51,214 INFO L226 Difference]: Without dead ends: 273 [2022-07-12 06:20:51,215 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-07-12 06:20:51,217 INFO L413 NwaCegarLoop]: 95 mSDtfsCounter, 27 mSDsluCounter, 164 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 27 SdHoareTripleChecker+Valid, 259 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-12 06:20:51,219 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [27 Valid, 259 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-12 06:20:51,221 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 273 states. [2022-07-12 06:20:51,247 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 273 to 245. [2022-07-12 06:20:51,247 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 245 states, 191 states have (on average 1.2774869109947644) internal successors, (244), 204 states have internal predecessors, (244), 29 states have call successors, (29), 24 states have call predecessors, (29), 24 states have return successors, (35), 29 states have call predecessors, (35), 29 states have call successors, (35) [2022-07-12 06:20:51,249 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 245 states to 245 states and 308 transitions. [2022-07-12 06:20:51,249 INFO L78 Accepts]: Start accepts. Automaton has 245 states and 308 transitions. Word has length 46 [2022-07-12 06:20:51,249 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:20:51,250 INFO L495 AbstractCegarLoop]: Abstraction has 245 states and 308 transitions. [2022-07-12 06:20:51,250 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-12 06:20:51,250 INFO L276 IsEmpty]: Start isEmpty. Operand 245 states and 308 transitions. [2022-07-12 06:20:51,251 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2022-07-12 06:20:51,251 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:20:51,251 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:20:51,251 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-07-12 06:20:51,252 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:20:51,252 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:20:51,252 INFO L85 PathProgramCache]: Analyzing trace with hash -1898306663, now seen corresponding path program 1 times [2022-07-12 06:20:51,252 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:20:51,252 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [825409811] [2022-07-12 06:20:51,252 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:20:51,252 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:20:51,277 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:51,335 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-07-12 06:20:51,338 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:51,339 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2022-07-12 06:20:51,340 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:51,347 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-12 06:20:51,347 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:20:51,347 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [825409811] [2022-07-12 06:20:51,347 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [825409811] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:20:51,347 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:20:51,347 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-12 06:20:51,347 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [651165018] [2022-07-12 06:20:51,347 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:20:51,348 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-12 06:20:51,348 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:20:51,349 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-12 06:20:51,349 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-12 06:20:51,349 INFO L87 Difference]: Start difference. First operand 245 states and 308 transitions. Second operand has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-12 06:20:51,384 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:20:51,384 INFO L93 Difference]: Finished difference Result 609 states and 775 transitions. [2022-07-12 06:20:51,385 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-12 06:20:51,385 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2022-07-12 06:20:51,385 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:20:51,388 INFO L225 Difference]: With dead ends: 609 [2022-07-12 06:20:51,388 INFO L226 Difference]: Without dead ends: 372 [2022-07-12 06:20:51,389 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 6 SyntacticMatches, 1 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-12 06:20:51,391 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 39 mSDsluCounter, 70 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 159 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-12 06:20:51,391 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 159 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-12 06:20:51,393 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 372 states. [2022-07-12 06:20:51,416 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 372 to 372. [2022-07-12 06:20:51,417 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 372 states, 290 states have (on average 1.2482758620689656) internal successors, (362), 306 states have internal predecessors, (362), 46 states have call successors, (46), 38 states have call predecessors, (46), 35 states have return successors, (53), 43 states have call predecessors, (53), 46 states have call successors, (53) [2022-07-12 06:20:51,419 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 372 states to 372 states and 461 transitions. [2022-07-12 06:20:51,420 INFO L78 Accepts]: Start accepts. Automaton has 372 states and 461 transitions. Word has length 46 [2022-07-12 06:20:51,421 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:20:51,421 INFO L495 AbstractCegarLoop]: Abstraction has 372 states and 461 transitions. [2022-07-12 06:20:51,421 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-12 06:20:51,421 INFO L276 IsEmpty]: Start isEmpty. Operand 372 states and 461 transitions. [2022-07-12 06:20:51,422 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2022-07-12 06:20:51,422 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:20:51,423 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:20:51,423 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-07-12 06:20:51,423 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:20:51,424 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:20:51,424 INFO L85 PathProgramCache]: Analyzing trace with hash -1296933517, now seen corresponding path program 1 times [2022-07-12 06:20:51,425 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:20:51,425 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [486663858] [2022-07-12 06:20:51,425 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:20:51,425 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:20:51,447 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:51,522 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-12 06:20:51,525 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:51,549 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-07-12 06:20:51,550 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:51,552 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 42 [2022-07-12 06:20:51,557 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:51,561 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-12 06:20:51,561 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:20:51,561 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [486663858] [2022-07-12 06:20:51,561 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [486663858] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:20:51,561 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:20:51,561 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-07-12 06:20:51,561 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [505413497] [2022-07-12 06:20:51,562 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:20:51,562 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-07-12 06:20:51,562 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:20:51,562 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-07-12 06:20:51,562 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2022-07-12 06:20:51,563 INFO L87 Difference]: Start difference. First operand 372 states and 461 transitions. Second operand has 8 states, 8 states have (on average 5.125) internal successors, (41), 7 states have internal predecessors, (41), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-07-12 06:20:51,950 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:20:51,950 INFO L93 Difference]: Finished difference Result 1215 states and 1556 transitions. [2022-07-12 06:20:51,951 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-07-12 06:20:51,951 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.125) internal successors, (41), 7 states have internal predecessors, (41), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 50 [2022-07-12 06:20:51,951 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:20:51,957 INFO L225 Difference]: With dead ends: 1215 [2022-07-12 06:20:51,957 INFO L226 Difference]: Without dead ends: 978 [2022-07-12 06:20:51,961 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 7 SyntacticMatches, 1 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=56, Invalid=184, Unknown=0, NotChecked=0, Total=240 [2022-07-12 06:20:51,962 INFO L413 NwaCegarLoop]: 131 mSDtfsCounter, 230 mSDsluCounter, 512 mSDsCounter, 0 mSdLazyCounter, 287 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 239 SdHoareTripleChecker+Valid, 643 SdHoareTripleChecker+Invalid, 337 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 287 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-07-12 06:20:51,962 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [239 Valid, 643 Invalid, 337 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 287 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-07-12 06:20:51,964 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 978 states. [2022-07-12 06:20:52,015 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 978 to 901. [2022-07-12 06:20:52,018 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 901 states, 707 states have (on average 1.2305516265912306) internal successors, (870), 751 states have internal predecessors, (870), 106 states have call successors, (106), 81 states have call predecessors, (106), 87 states have return successors, (132), 101 states have call predecessors, (132), 106 states have call successors, (132) [2022-07-12 06:20:52,024 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 901 states to 901 states and 1108 transitions. [2022-07-12 06:20:52,024 INFO L78 Accepts]: Start accepts. Automaton has 901 states and 1108 transitions. Word has length 50 [2022-07-12 06:20:52,024 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:20:52,024 INFO L495 AbstractCegarLoop]: Abstraction has 901 states and 1108 transitions. [2022-07-12 06:20:52,025 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.125) internal successors, (41), 7 states have internal predecessors, (41), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-07-12 06:20:52,025 INFO L276 IsEmpty]: Start isEmpty. Operand 901 states and 1108 transitions. [2022-07-12 06:20:52,026 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 82 [2022-07-12 06:20:52,026 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:20:52,026 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:20:52,027 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-07-12 06:20:52,027 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:20:52,027 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:20:52,027 INFO L85 PathProgramCache]: Analyzing trace with hash -1580462347, now seen corresponding path program 1 times [2022-07-12 06:20:52,027 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:20:52,027 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2009721319] [2022-07-12 06:20:52,028 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:20:52,028 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:20:52,048 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:52,112 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-12 06:20:52,113 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:52,124 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-07-12 06:20:52,127 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:52,161 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-12 06:20:52,164 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:52,165 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 55 [2022-07-12 06:20:52,166 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:52,175 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2022-07-12 06:20:52,176 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:52,176 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 73 [2022-07-12 06:20:52,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:52,178 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 17 proven. 7 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-07-12 06:20:52,178 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:20:52,178 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2009721319] [2022-07-12 06:20:52,178 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2009721319] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-12 06:20:52,178 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1232127927] [2022-07-12 06:20:52,179 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:20:52,179 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-12 06:20:52,179 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-12 06:20:52,195 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-12 06:20:52,240 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-12 06:20:52,411 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:52,414 INFO L263 TraceCheckSpWp]: Trace formula consists of 431 conjuncts, 8 conjunts are in the unsatisfiable core [2022-07-12 06:20:52,431 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-12 06:20:52,654 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 22 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-12 06:20:52,655 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-12 06:20:52,785 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 18 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-07-12 06:20:52,786 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1232127927] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-12 06:20:52,786 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-12 06:20:52,786 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2022-07-12 06:20:52,786 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [598871815] [2022-07-12 06:20:52,787 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-12 06:20:52,787 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-07-12 06:20:52,787 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:20:52,788 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-07-12 06:20:52,788 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=35, Invalid=175, Unknown=0, NotChecked=0, Total=210 [2022-07-12 06:20:52,788 INFO L87 Difference]: Start difference. First operand 901 states and 1108 transitions. Second operand has 15 states, 15 states have (on average 6.733333333333333) internal successors, (101), 11 states have internal predecessors, (101), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2022-07-12 06:20:53,623 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:20:53,624 INFO L93 Difference]: Finished difference Result 1691 states and 2155 transitions. [2022-07-12 06:20:53,624 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 34 states. [2022-07-12 06:20:53,625 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 6.733333333333333) internal successors, (101), 11 states have internal predecessors, (101), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) Word has length 81 [2022-07-12 06:20:53,626 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:20:53,630 INFO L225 Difference]: With dead ends: 1691 [2022-07-12 06:20:53,631 INFO L226 Difference]: Without dead ends: 919 [2022-07-12 06:20:53,634 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 221 GetRequests, 179 SyntacticMatches, 1 SemanticMatches, 41 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 429 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=326, Invalid=1480, Unknown=0, NotChecked=0, Total=1806 [2022-07-12 06:20:53,636 INFO L413 NwaCegarLoop]: 174 mSDtfsCounter, 344 mSDsluCounter, 1007 mSDsCounter, 0 mSdLazyCounter, 732 mSolverCounterSat, 192 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 345 SdHoareTripleChecker+Valid, 1181 SdHoareTripleChecker+Invalid, 924 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 192 IncrementalHoareTripleChecker+Valid, 732 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-07-12 06:20:53,637 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [345 Valid, 1181 Invalid, 924 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [192 Valid, 732 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-07-12 06:20:53,638 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 919 states. [2022-07-12 06:20:53,690 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 919 to 803. [2022-07-12 06:20:53,691 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 803 states, 618 states have (on average 1.2119741100323624) internal successors, (749), 659 states have internal predecessors, (749), 100 states have call successors, (100), 84 states have call predecessors, (100), 84 states have return successors, (119), 89 states have call predecessors, (119), 100 states have call successors, (119) [2022-07-12 06:20:53,695 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 803 states to 803 states and 968 transitions. [2022-07-12 06:20:53,696 INFO L78 Accepts]: Start accepts. Automaton has 803 states and 968 transitions. Word has length 81 [2022-07-12 06:20:53,697 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:20:53,697 INFO L495 AbstractCegarLoop]: Abstraction has 803 states and 968 transitions. [2022-07-12 06:20:53,697 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 6.733333333333333) internal successors, (101), 11 states have internal predecessors, (101), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2022-07-12 06:20:53,697 INFO L276 IsEmpty]: Start isEmpty. Operand 803 states and 968 transitions. [2022-07-12 06:20:53,702 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 151 [2022-07-12 06:20:53,703 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:20:53,703 INFO L195 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:20:53,743 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-07-12 06:20:53,927 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-12 06:20:53,928 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:20:53,928 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:20:53,928 INFO L85 PathProgramCache]: Analyzing trace with hash -158765002, now seen corresponding path program 1 times [2022-07-12 06:20:53,928 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:20:53,928 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [598735645] [2022-07-12 06:20:53,928 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:20:53,929 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:20:53,948 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:53,970 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-12 06:20:53,972 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:53,979 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-07-12 06:20:53,981 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:53,984 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-12 06:20:53,985 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:53,986 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 53 [2022-07-12 06:20:53,987 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:53,989 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-12 06:20:53,990 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:53,990 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-12 06:20:53,991 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:53,991 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 84 [2022-07-12 06:20:53,993 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:53,996 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-12 06:20:53,996 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:53,997 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-12 06:20:53,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:53,999 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 122 [2022-07-12 06:20:53,999 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:54,000 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 142 [2022-07-12 06:20:54,003 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:54,004 INFO L134 CoverageAnalysis]: Checked inductivity of 171 backedges. 40 proven. 3 refuted. 0 times theorem prover too weak. 128 trivial. 0 not checked. [2022-07-12 06:20:54,005 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:20:54,005 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [598735645] [2022-07-12 06:20:54,005 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [598735645] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-12 06:20:54,005 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [270294879] [2022-07-12 06:20:54,005 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:20:54,005 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-12 06:20:54,006 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-12 06:20:54,008 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-12 06:20:54,037 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-07-12 06:20:54,129 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:20:54,132 INFO L263 TraceCheckSpWp]: Trace formula consists of 610 conjuncts, 3 conjunts are in the unsatisfiable core [2022-07-12 06:20:54,136 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-12 06:20:54,155 INFO L134 CoverageAnalysis]: Checked inductivity of 171 backedges. 64 proven. 0 refuted. 0 times theorem prover too weak. 107 trivial. 0 not checked. [2022-07-12 06:20:54,155 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-07-12 06:20:54,155 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [270294879] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:20:54,155 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-07-12 06:20:54,155 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 5 [2022-07-12 06:20:54,155 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1386638388] [2022-07-12 06:20:54,156 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:20:54,156 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-12 06:20:54,156 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:20:54,156 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-12 06:20:54,156 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-07-12 06:20:54,157 INFO L87 Difference]: Start difference. First operand 803 states and 968 transitions. Second operand has 3 states, 3 states have (on average 25.333333333333332) internal successors, (76), 3 states have internal predecessors, (76), 3 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 3 states have call predecessors, (6), 3 states have call successors, (6) [2022-07-12 06:20:54,188 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:20:54,189 INFO L93 Difference]: Finished difference Result 978 states and 1187 transitions. [2022-07-12 06:20:54,189 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-12 06:20:54,189 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 25.333333333333332) internal successors, (76), 3 states have internal predecessors, (76), 3 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 3 states have call predecessors, (6), 3 states have call successors, (6) Word has length 150 [2022-07-12 06:20:54,190 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:20:54,190 INFO L225 Difference]: With dead ends: 978 [2022-07-12 06:20:54,190 INFO L226 Difference]: Without dead ends: 0 [2022-07-12 06:20:54,192 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 174 GetRequests, 171 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-07-12 06:20:54,192 INFO L413 NwaCegarLoop]: 118 mSDtfsCounter, 36 mSDsluCounter, 77 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 195 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-12 06:20:54,193 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [36 Valid, 195 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-12 06:20:54,193 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-12 06:20:54,193 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-12 06:20:54,193 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-12 06:20:54,193 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-12 06:20:54,194 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 150 [2022-07-12 06:20:54,194 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:20:54,194 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-12 06:20:54,194 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 25.333333333333332) internal successors, (76), 3 states have internal predecessors, (76), 3 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 3 states have call predecessors, (6), 3 states have call successors, (6) [2022-07-12 06:20:54,194 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-12 06:20:54,194 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-12 06:20:54,196 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-12 06:20:54,227 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-07-12 06:20:54,421 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-07-12 06:20:54,423 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-12 06:20:57,417 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 768 774) no Hoare annotation was computed. [2022-07-12 06:20:57,417 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 768 774) the Hoare annotation is: true [2022-07-12 06:20:57,417 INFO L899 garLoopResultBuilder]: For program point L669-1(lines 665 676) no Hoare annotation was computed. [2022-07-12 06:20:57,417 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 665 676) the Hoare annotation is: true [2022-07-12 06:20:57,418 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 665 676) no Hoare annotation was computed. [2022-07-12 06:20:57,418 INFO L895 garLoopResultBuilder]: At program point L795(line 795) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (<= 1 ~pumpRunning~0)) (.cse6 (<= 1 ~switchedOnBeforeTS~0)) (.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse1 .cse4 (and .cse5 .cse6) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1) (or .cse1 .cse4 .cse2 .cse3 (and .cse5 (= ~waterLevel~0 1) .cse6)) (or .cse0 (not (= 0 ~systemActive~0))))) [2022-07-12 06:20:57,418 INFO L895 garLoopResultBuilder]: At program point L795-1(lines 776 800) the Hoare annotation is: (let ((.cse4 (= 1 ~systemActive~0))) (let ((.cse6 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= ~waterLevel~0 1)) (.cse8 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= |timeShift_processEnvironment_~tmp~5#1| 0)) (.cse1 (not .cse4)) (.cse9 (not (< 1 |old(~waterLevel~0)|))) (.cse7 (<= 1 ~pumpRunning~0)) (.cse10 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 (and .cse2 .cse3 .cse4 .cse5)) (or .cse1 .cse6 (and .cse7 .cse8) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse1 .cse6 .cse9 .cse10 (and .cse7 .cse5 .cse8)) (let ((.cse11 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 (and .cse2 .cse3 .cse4 .cse11) .cse1 .cse9 (and .cse7 .cse11) .cse10)) (or .cse0 (not (= 0 ~systemActive~0)))))) [2022-07-12 06:20:57,418 INFO L899 garLoopResultBuilder]: For program point L882(lines 882 886) no Hoare annotation was computed. [2022-07-12 06:20:57,418 INFO L899 garLoopResultBuilder]: For program point L882-2(lines 882 886) no Hoare annotation was computed. [2022-07-12 06:20:57,419 INFO L899 garLoopResultBuilder]: For program point L940(lines 940 946) no Hoare annotation was computed. [2022-07-12 06:20:57,419 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 741 767) no Hoare annotation was computed. [2022-07-12 06:20:57,419 INFO L895 garLoopResultBuilder]: At program point L924(lines 917 926) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (and .cse3 .cse8)) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (and (<= 1 ~pumpRunning~0) .cse8 (<= 1 ~switchedOnBeforeTS~0)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse2 (and .cse3 (= ~waterLevel~0 1))) (or .cse2 .cse4 .cse5 .cse6 .cse7) (or .cse0 .cse1 .cse2 .cse5 .cse7) (or .cse2 .cse4 .cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-07-12 06:20:57,419 INFO L899 garLoopResultBuilder]: For program point L722(lines 722 728) no Hoare annotation was computed. [2022-07-12 06:20:57,419 INFO L899 garLoopResultBuilder]: For program point L755-1(lines 755 761) no Hoare annotation was computed. [2022-07-12 06:20:57,419 INFO L899 garLoopResultBuilder]: For program point L784(lines 784 792) no Hoare annotation was computed. [2022-07-12 06:20:57,420 INFO L899 garLoopResultBuilder]: For program point L780(lines 780 797) no Hoare annotation was computed. [2022-07-12 06:20:57,420 INFO L895 garLoopResultBuilder]: At program point L714(lines 709 717) the Hoare annotation is: (let ((.cse10 (= 1 ~systemActive~0))) (let ((.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse1 (= ~pumpRunning~0 0)) (.cse9 (= |timeShift_processEnvironment_~tmp~5#1| 0)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse3 (not (= 0 ~systemActive~0))) (.cse4 (not .cse10)) (.cse12 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse8 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (<= 1 ~pumpRunning~0)) (.cse11 (= ~waterLevel~0 1)) (.cse13 (<= 1 ~switchedOnBeforeTS~0))) (and (or .cse0 (and .cse1 .cse2) .cse3) (or .cse0 .cse4 .cse5 (and .cse6 .cse7 .cse2) .cse8 (and .cse1 .cse7 .cse9 .cse10 .cse2)) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse4 (and .cse1 .cse9 .cse10 .cse11)) (or .cse0 .cse7 .cse5 .cse8 .cse3) (or .cse4 .cse12 (and .cse6 .cse13) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse12 .cse5 .cse8 (and .cse6 .cse11 .cse13))))) [2022-07-12 06:20:57,420 INFO L895 garLoopResultBuilder]: At program point L937(line 937) the Hoare annotation is: (let ((.cse4 (= ~pumpRunning~0 0)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (= 0 ~systemActive~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse7 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse8 (<= 1 ~pumpRunning~0)) (.cse6 (= ~waterLevel~0 1)) (.cse9 (<= 1 ~switchedOnBeforeTS~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 (and .cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse5) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 (and .cse4 (= |timeShift_processEnvironment_~tmp~5#1| 0) .cse6)) (or .cse0 .cse2 .cse3 .cse5) (or .cse1 .cse7 (and .cse8 .cse9) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse1 .cse7 .cse2 .cse3 (and .cse8 .cse6 .cse9)))) [2022-07-12 06:20:57,420 INFO L899 garLoopResultBuilder]: For program point L937-1(line 937) no Hoare annotation was computed. [2022-07-12 06:20:57,420 INFO L895 garLoopResultBuilder]: At program point L888(lines 873 891) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 (not (= |old(~waterLevel~0)| 1)) .cse0 (and .cse3 (= |timeShift_isHighWaterLevel_#res#1| 0) (= |timeShift_isHighWaterLevel_~tmp___0~1#1| 0) (= ~waterLevel~0 1))) (or .cse2 (and .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse4 .cse5) (or .cse0 .cse1 .cse4 .cse5) (or .cse2 (not (= 0 ~systemActive~0))))) [2022-07-12 06:20:57,420 INFO L895 garLoopResultBuilder]: At program point L727(lines 718 731) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 (and .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse4 .cse5) (or .cse0 .cse1 .cse4 .cse5) (or .cse2 (not (= |old(~waterLevel~0)| 1)) .cse0 (and (= |timeShift_isHighWaterSensorDry_#res#1| 1) .cse3 (= ~waterLevel~0 1))) (or .cse2 (not (= 0 ~systemActive~0))))) [2022-07-12 06:20:57,420 INFO L899 garLoopResultBuilder]: For program point L54(line 54) no Hoare annotation was computed. [2022-07-12 06:20:57,420 INFO L899 garLoopResultBuilder]: For program point L748(lines 748 754) no Hoare annotation was computed. [2022-07-12 06:20:57,421 INFO L899 garLoopResultBuilder]: For program point L748-2(lines 744 766) no Hoare annotation was computed. [2022-07-12 06:20:57,421 INFO L895 garLoopResultBuilder]: At program point L806(lines 801 808) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (< 1 |old(~waterLevel~0)|))) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse0 .cse3 (and (<= 1 ~pumpRunning~0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse4) (or .cse0 .cse1 .cse3 .cse4) (or .cse2 (not (= |old(~waterLevel~0)| 1)) .cse0) (or .cse2 (not (= 0 ~systemActive~0))))) [2022-07-12 06:20:57,421 INFO L899 garLoopResultBuilder]: For program point L645(lines 645 649) no Hoare annotation was computed. [2022-07-12 06:20:57,421 INFO L895 garLoopResultBuilder]: At program point L645-2(lines 641 652) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (<= 1 ~pumpRunning~0)) (.cse6 (<= 1 ~switchedOnBeforeTS~0)) (.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse1 .cse4 (and .cse5 .cse6) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1) (or .cse1 .cse4 .cse2 .cse3 (and .cse5 (= ~waterLevel~0 1) .cse6)) (or .cse0 (not (= 0 ~systemActive~0))))) [2022-07-12 06:20:57,421 INFO L895 garLoopResultBuilder]: At program point L922(line 922) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse4 (and .cse0 .cse1 .cse9)) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (not (= 1 ~systemActive~0))) (.cse7 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse8 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1 .cse9))) (and (or (and .cse0 .cse1 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse4 .cse2 .cse3 .cse5 .cse6) (or .cse4 .cse2 (not (= 0 ~systemActive~0))) (or .cse3 .cse7 .cse8 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse3 .cse7 .cse5 .cse6 .cse8)))) [2022-07-12 06:20:57,421 INFO L899 garLoopResultBuilder]: For program point L922-1(line 922) no Hoare annotation was computed. [2022-07-12 06:20:57,421 INFO L895 garLoopResultBuilder]: At program point L55(lines 50 57) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (< 1 |old(~waterLevel~0)|))) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse0 .cse3 .cse4) (or .cse0 .cse1 .cse3 .cse4) (or .cse2 (not (= |old(~waterLevel~0)| 1)) .cse0) (or .cse2 (not (= 0 ~systemActive~0))))) [2022-07-12 06:20:57,422 INFO L895 garLoopResultBuilder]: At program point L790(line 790) the Hoare annotation is: (let ((.cse5 (= 1 ~systemActive~0))) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse4 (= |timeShift_processEnvironment_~tmp~5#1| 0)) (.cse0 (not .cse5)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (not (< 1 |old(~waterLevel~0)|))) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 (not (= |old(~waterLevel~0)| 1)) .cse0 (and .cse3 .cse4 .cse5 (= ~waterLevel~0 1))) (or .cse2 (and .cse3 .cse4 .cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse6 .cse7) (or .cse0 .cse1 .cse6 .cse7) (or .cse2 (not (= 0 ~systemActive~0)))))) [2022-07-12 06:20:57,422 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 741 767) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse4 (and .cse0 .cse1 .cse9)) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (not (= 1 ~systemActive~0))) (.cse7 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse8 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1 .cse9))) (and (or (and .cse0 .cse1 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse4 .cse2 .cse3 .cse5 .cse6) (or .cse4 .cse2 (not (= 0 ~systemActive~0))) (or .cse3 .cse7 .cse8 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse3 .cse7 .cse5 .cse6 .cse8)))) [2022-07-12 06:20:57,422 INFO L899 garLoopResultBuilder]: For program point L939(lines 939 949) no Hoare annotation was computed. [2022-07-12 06:20:57,422 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 741 767) no Hoare annotation was computed. [2022-07-12 06:20:57,422 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 54) no Hoare annotation was computed. [2022-07-12 06:20:57,423 INFO L899 garLoopResultBuilder]: For program point L935(lines 935 952) no Hoare annotation was computed. [2022-07-12 06:20:57,423 INFO L895 garLoopResultBuilder]: At program point L935-1(lines 927 955) the Hoare annotation is: (let ((.cse7 (= 1 ~systemActive~0))) (let ((.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse1 (= ~pumpRunning~0 0)) (.cse6 (= |timeShift_processEnvironment_~tmp~5#1| 0)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse8 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~7#1| 2)) (.cse3 (not (= 0 ~systemActive~0))) (.cse4 (not .cse7)) (.cse13 (not (<= 1 |old(~pumpRunning~0)|))) (.cse9 (not (< 1 |old(~waterLevel~0)|))) (.cse11 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (<= 1 ~pumpRunning~0)) (.cse12 (= ~waterLevel~0 1)) (.cse14 (<= 1 ~switchedOnBeforeTS~0))) (and (or .cse0 (and .cse1 .cse2) .cse3) (or .cse0 .cse4 (and .cse1 .cse5 .cse6 .cse7 .cse8 .cse2) .cse9 (and .cse10 .cse5 .cse8 .cse2) .cse11) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse4 (and .cse1 .cse6 .cse7 .cse12)) (or .cse0 (and .cse5 .cse8) .cse9 .cse11 .cse3) (or .cse4 .cse13 (and .cse10 .cse14) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse13 .cse9 .cse11 (and .cse10 .cse12 .cse14))))) [2022-07-12 06:20:57,423 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 61 90) no Hoare annotation was computed. [2022-07-12 06:20:57,423 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 61 90) the Hoare annotation is: true [2022-07-12 06:20:57,423 INFO L902 garLoopResultBuilder]: At program point L86(lines 61 90) the Hoare annotation is: true [2022-07-12 06:20:57,423 INFO L899 garLoopResultBuilder]: For program point L82(line 82) no Hoare annotation was computed. [2022-07-12 06:20:57,423 INFO L899 garLoopResultBuilder]: For program point L75(lines 75 79) no Hoare annotation was computed. [2022-07-12 06:20:57,424 INFO L902 garLoopResultBuilder]: At program point L75-1(lines 75 79) the Hoare annotation is: true [2022-07-12 06:20:57,424 INFO L899 garLoopResultBuilder]: For program point L72(line 72) no Hoare annotation was computed. [2022-07-12 06:20:57,424 INFO L902 garLoopResultBuilder]: At program point L71-2(lines 71 85) the Hoare annotation is: true [2022-07-12 06:20:57,424 INFO L902 garLoopResultBuilder]: At program point L67(line 67) the Hoare annotation is: true [2022-07-12 06:20:57,424 INFO L899 garLoopResultBuilder]: For program point L67-1(line 67) no Hoare annotation was computed. [2022-07-12 06:20:57,424 INFO L895 garLoopResultBuilder]: At program point L122(lines 118 124) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-12 06:20:57,424 INFO L899 garLoopResultBuilder]: For program point L151(lines 151 158) no Hoare annotation was computed. [2022-07-12 06:20:57,425 INFO L899 garLoopResultBuilder]: For program point L597(lines 597 603) no Hoare annotation was computed. [2022-07-12 06:20:57,425 INFO L899 garLoopResultBuilder]: For program point L151-2(lines 151 158) no Hoare annotation was computed. [2022-07-12 06:20:57,425 INFO L899 garLoopResultBuilder]: For program point L597-1(lines 597 603) no Hoare annotation was computed. [2022-07-12 06:20:57,425 INFO L895 garLoopResultBuilder]: At program point L622(lines 577 624) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse7 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse5 (< 1 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse6 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse1 .cse5 .cse2 .cse3 .cse4 .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 (= ~waterLevel~0 1)) (and .cse7 (= |ULTIMATE.start_valid_product_#res#1| 1) .cse1 .cse4 (= 0 ~systemActive~0)) (and .cse7 .cse1 .cse5 .cse2 .cse3 .cse4 .cse6))) [2022-07-12 06:20:57,425 INFO L895 garLoopResultBuilder]: At program point L589(line 589) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse7 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse5 (< 1 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse6 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse1 .cse5 .cse2 .cse3 .cse4 .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 (= ~waterLevel~0 1)) (and .cse7 (= |ULTIMATE.start_valid_product_#res#1| 1) .cse1 .cse4 (= 0 ~systemActive~0)) (and .cse7 .cse1 .cse5 .cse2 .cse3 .cse4 .cse6))) [2022-07-12 06:20:57,425 INFO L902 garLoopResultBuilder]: At program point L135(lines 127 137) the Hoare annotation is: true [2022-07-12 06:20:57,426 INFO L902 garLoopResultBuilder]: At program point L160(lines 141 163) the Hoare annotation is: true [2022-07-12 06:20:57,426 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-12 06:20:57,426 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-12 06:20:57,426 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-12 06:20:57,426 INFO L895 garLoopResultBuilder]: At program point L561(lines 556 564) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-12 06:20:57,426 INFO L895 garLoopResultBuilder]: At program point L553(lines 549 555) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-12 06:20:57,426 INFO L895 garLoopResultBuilder]: At program point L904(lines 892 906) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (= 0 ~systemActive~0)) [2022-07-12 06:20:57,427 INFO L899 garLoopResultBuilder]: For program point L578(lines 577 624) no Hoare annotation was computed. [2022-07-12 06:20:57,427 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-12 06:20:57,427 INFO L899 garLoopResultBuilder]: For program point L896(lines 896 902) no Hoare annotation was computed. [2022-07-12 06:20:57,427 INFO L899 garLoopResultBuilder]: For program point L607(lines 607 620) no Hoare annotation was computed. [2022-07-12 06:20:57,427 INFO L899 garLoopResultBuilder]: For program point L896-2(lines 896 902) no Hoare annotation was computed. [2022-07-12 06:20:57,427 INFO L895 garLoopResultBuilder]: At program point L599(line 599) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse7 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse5 (< 1 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse6 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse1 .cse5 .cse2 .cse3 .cse4 .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 (= ~waterLevel~0 1)) (and .cse7 (= |ULTIMATE.start_valid_product_#res#1| 1) .cse1 .cse4 (= 0 ~systemActive~0)) (and .cse7 .cse1 .cse5 .cse2 .cse3 .cse4 .cse6))) [2022-07-12 06:20:57,427 INFO L902 garLoopResultBuilder]: At program point L628(lines 567 632) the Hoare annotation is: true [2022-07-12 06:20:57,428 INFO L895 garLoopResultBuilder]: At program point L814(lines 809 816) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 (< 1 ~waterLevel~0) .cse3 (<= ~waterLevel~0 2)) (and (not (= ~switchedOnBeforeTS~0 0)) .cse0 .cse1 .cse2 .cse3))) [2022-07-12 06:20:57,428 INFO L899 garLoopResultBuilder]: For program point L587(lines 587 593) no Hoare annotation was computed. [2022-07-12 06:20:57,428 INFO L899 garLoopResultBuilder]: For program point L587-1(lines 587 593) no Hoare annotation was computed. [2022-07-12 06:20:57,428 INFO L899 garLoopResultBuilder]: For program point L579(lines 579 583) no Hoare annotation was computed. [2022-07-12 06:20:57,428 INFO L895 garLoopResultBuilder]: At program point L546(lines 542 548) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-12 06:20:57,428 INFO L895 garLoopResultBuilder]: At program point L914(lines 909 916) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-12 06:20:57,429 INFO L895 garLoopResultBuilder]: At program point L625(lines 576 626) the Hoare annotation is: false [2022-07-12 06:20:57,429 INFO L899 garLoopResultBuilder]: For program point L613(lines 613 619) no Hoare annotation was computed. [2022-07-12 06:20:57,429 INFO L895 garLoopResultBuilder]: At program point L613-2(lines 607 620) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse7 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse5 (< 1 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse6 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse1 .cse5 .cse2 .cse3 .cse4 .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 (= ~waterLevel~0 1)) (and .cse7 (= |ULTIMATE.start_valid_product_#res#1| 1) .cse1 .cse4 (= 0 ~systemActive~0)) (and .cse7 .cse1 .cse5 .cse2 .cse3 .cse4 .cse6))) [2022-07-12 06:20:57,429 INFO L899 garLoopResultBuilder]: For program point L657-1(lines 653 664) no Hoare annotation was computed. [2022-07-12 06:20:57,429 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 653 664) no Hoare annotation was computed. [2022-07-12 06:20:57,429 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 653 664) the Hoare annotation is: (let ((.cse3 (not (<= 1 ~pumpRunning~0))) (.cse0 (not (= ~pumpRunning~0 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse2 (= ~waterLevel~0 1)) (or .cse2 .cse3 .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse2 .cse4 .cse3 .cse1 .cse5) (or .cse0 .cse2 .cse4 .cse1 .cse5))) [2022-07-12 06:20:57,429 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 828 836) no Hoare annotation was computed. [2022-07-12 06:20:57,430 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 828 836) the Hoare annotation is: true [2022-07-12 06:20:57,430 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 828 836) no Hoare annotation was computed. [2022-07-12 06:20:57,433 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:20:57,434 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-12 06:20:57,459 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 12.07 06:20:57 BoogieIcfgContainer [2022-07-12 06:20:57,459 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-12 06:20:57,460 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-12 06:20:57,460 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-12 06:20:57,460 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-12 06:20:57,461 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.07 06:20:48" (3/4) ... [2022-07-12 06:20:57,463 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-12 06:20:57,468 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-12 06:20:57,468 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-12 06:20:57,468 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-12 06:20:57,469 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-12 06:20:57,469 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-12 06:20:57,469 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-07-12 06:20:57,475 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 49 nodes and edges [2022-07-12 06:20:57,475 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-12 06:20:57,476 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-12 06:20:57,476 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-12 06:20:57,477 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-12 06:20:57,477 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-12 06:20:57,477 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-12 06:20:57,498 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-12 06:20:57,498 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-12 06:20:57,498 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-12 06:20:57,498 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((1 <= pumpRunning && tmp == 1) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) || ((((((1 <= pumpRunning && tmp == 1) && 1 < waterLevel) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel <= 2)) || (((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel == 1)) || ((((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && 0 == systemActive)) || ((((((pumpRunning == 0 && tmp == 1) && 1 < waterLevel) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel <= 2) [2022-07-12 06:20:57,499 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-12 06:20:57,500 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-07-12 06:20:57,500 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((((pumpRunning == 0 && 2 == \result) && tmp == 0) && 1 == systemActive) && tmp == 2) && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || (((1 <= pumpRunning && 2 == \result) && tmp == 2) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && tmp == 0) && 1 == systemActive) && waterLevel == 1))) && ((((!(\old(pumpRunning) == 0) || (2 == \result && tmp == 2)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS)) [2022-07-12 06:20:57,500 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && tmp == 0) && 1 == systemActive) && waterLevel == 1)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && tmp == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-07-12 06:20:57,501 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-07-12 06:20:57,501 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && 0 == systemActive [2022-07-12 06:20:57,501 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == 0 && \result == 1) && tmp == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \result == 1) && tmp == 1) && splverifierCounter == 0) [2022-07-12 06:20:57,501 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || ((((pumpRunning == 0 && 2 == \result) && tmp == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && tmp == 0) && 1 == systemActive) && waterLevel == 1))) && ((((!(\old(pumpRunning) == 0) || 2 == \result) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS)) [2022-07-12 06:20:57,501 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((\result == 1 && pumpRunning == 0) && waterLevel == 1))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-07-12 06:20:57,502 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && \result == 0) && tmp___0 == 0) && waterLevel == 1))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-07-12 06:20:57,502 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-07-12 06:20:57,517 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-12 06:20:57,517 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-12 06:20:57,518 INFO L158 Benchmark]: Toolchain (without parser) took 10036.69ms. Allocated memory was 86.0MB in the beginning and 157.3MB in the end (delta: 71.3MB). Free memory was 52.9MB in the beginning and 61.9MB in the end (delta: -9.0MB). Peak memory consumption was 62.9MB. Max. memory is 16.1GB. [2022-07-12 06:20:57,518 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 86.0MB. Free memory was 42.1MB in the beginning and 42.1MB in the end (delta: 47.1kB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-12 06:20:57,518 INFO L158 Benchmark]: CACSL2BoogieTranslator took 511.78ms. Allocated memory was 86.0MB in the beginning and 107.0MB in the end (delta: 21.0MB). Free memory was 52.6MB in the beginning and 75.1MB in the end (delta: -22.4MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-07-12 06:20:57,519 INFO L158 Benchmark]: Boogie Procedure Inliner took 75.57ms. Allocated memory is still 107.0MB. Free memory was 75.1MB in the beginning and 72.5MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-12 06:20:57,519 INFO L158 Benchmark]: Boogie Preprocessor took 59.53ms. Allocated memory is still 107.0MB. Free memory was 72.5MB in the beginning and 70.7MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-12 06:20:57,519 INFO L158 Benchmark]: RCFGBuilder took 789.44ms. Allocated memory is still 107.0MB. Free memory was 70.7MB in the beginning and 54.7MB in the end (delta: 16.0MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2022-07-12 06:20:57,520 INFO L158 Benchmark]: TraceAbstraction took 8536.71ms. Allocated memory was 107.0MB in the beginning and 157.3MB in the end (delta: 50.3MB). Free memory was 54.2MB in the beginning and 68.3MB in the end (delta: -14.1MB). Peak memory consumption was 59.3MB. Max. memory is 16.1GB. [2022-07-12 06:20:57,520 INFO L158 Benchmark]: Witness Printer took 57.59ms. Allocated memory is still 157.3MB. Free memory was 67.2MB in the beginning and 61.9MB in the end (delta: 5.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-07-12 06:20:57,521 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 86.0MB. Free memory was 42.1MB in the beginning and 42.1MB in the end (delta: 47.1kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 511.78ms. Allocated memory was 86.0MB in the beginning and 107.0MB in the end (delta: 21.0MB). Free memory was 52.6MB in the beginning and 75.1MB in the end (delta: -22.4MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 75.57ms. Allocated memory is still 107.0MB. Free memory was 75.1MB in the beginning and 72.5MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 59.53ms. Allocated memory is still 107.0MB. Free memory was 72.5MB in the beginning and 70.7MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 789.44ms. Allocated memory is still 107.0MB. Free memory was 70.7MB in the beginning and 54.7MB in the end (delta: 16.0MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 8536.71ms. Allocated memory was 107.0MB in the beginning and 157.3MB in the end (delta: 50.3MB). Free memory was 54.2MB in the beginning and 68.3MB in the end (delta: -14.1MB). Peak memory consumption was 59.3MB. Max. memory is 16.1GB. * Witness Printer took 57.59ms. Allocated memory is still 157.3MB. Free memory was 67.2MB in the beginning and 61.9MB in the end (delta: 5.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 84 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 8.4s, OverallIterations: 10, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 2.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 3.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1010 SdHoareTripleChecker+Valid, 1.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 994 mSDsluCounter, 3856 SdHoareTripleChecker+Invalid, 0.8s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2767 mSDsCounter, 286 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1182 IncrementalHoareTripleChecker+Invalid, 1468 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 286 mSolverCounterUnsat, 1089 mSDtfsCounter, 1182 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 481 GetRequests, 397 SyntacticMatches, 3 SemanticMatches, 81 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 456 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=901occurred in iteration=8, InterpolantAutomatonStates: 84, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 268 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 38 LocationsWithAnnotation, 1306 PreInvPairs, 1410 NumberOfFragments, 2113 HoareAnnotationTreeSize, 1306 FomulaSimplifications, 936 FormulaSimplificationTreeSizeReduction, 0.3s HoareSimplificationTime, 38 FomulaSimplificationsInter, 5612 FormulaSimplificationTreeSizeReductionInter, 2.7s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 793 NumberOfCodeBlocks, 793 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 861 ConstructedInterpolants, 0 QuantifiedInterpolants, 1587 SizeOfPredicates, 3 NumberOfNonLiveVariables, 1041 ConjunctsInSsa, 11 ConjunctsInUnsatCore, 13 InterpolantComputations, 9 PerfectInterpolantSequences, 430/453 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 927]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((((pumpRunning == 0 && 2 == \result) && tmp == 0) && 1 == systemActive) && tmp == 2) && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || (((1 <= pumpRunning && 2 == \result) && tmp == 2) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && tmp == 0) && 1 == systemActive) && waterLevel == 1))) && ((((!(\old(pumpRunning) == 0) || (2 == \result && tmp == 2)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS)) - InvariantResult [Line: 556]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 542]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 809]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && \result == 1) && tmp == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \result == 1) && tmp == 1) && splverifierCounter == 0) - InvariantResult [Line: 127]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 576]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 709]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || ((((pumpRunning == 0 && 2 == \result) && tmp == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && tmp == 0) && 1 == systemActive) && waterLevel == 1))) && ((((!(\old(pumpRunning) == 0) || 2 == \result) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS)) - InvariantResult [Line: 776]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && tmp == 0) && 1 == systemActive) && waterLevel == 1)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && tmp == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 892]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && 0 == systemActive - InvariantResult [Line: 801]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 141]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 718]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((\result == 1 && pumpRunning == 0) && waterLevel == 1))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 549]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 577]: Loop Invariant Derived loop invariant: ((((((((1 <= pumpRunning && tmp == 1) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) || ((((((1 <= pumpRunning && tmp == 1) && 1 < waterLevel) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel <= 2)) || (((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel == 1)) || ((((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && 0 == systemActive)) || ((((((pumpRunning == 0 && tmp == 1) && 1 < waterLevel) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel <= 2) - InvariantResult [Line: 909]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 50]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 917]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 641]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 873]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && \result == 0) && tmp___0 == 0) && waterLevel == 1))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 118]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 567]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 61]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-07-12 06:20:57,567 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE